A shortcoming in some operating systems, such as iOS, is that third party applications (also called “apps”) cannot be configured using configuration profiles within the operating system. Configuration profiles within the operating system can be used for configuring parts of the operating system and for controlling certain hardware functionality of the device. As there is no support in this respect for third party apps, each third party app must be configured by the user of the device, unless the user simply wishes to use whatever default configuration is provided by the third party app.
A sandbox is a security mechanism employed in some operating systems for isolating running programs. It is often used to execute programs from third parties, for example. The sandbox typically provides a limited set of resources for the programs to run in, which are usually less than the full set of resources that are available on the device and that would be available to the OS itself. By limiting what third party programs can do, sandboxing reduces the conflict between programs and the likelihood of crashes, improving the apparent reliability of the programs. It also protects the device from malware and other malicious code that can be injected into running applications.
A drawback of sandboxing may be seen in a corporate scenario. If a company wishes its employees to install a particular third party app on their mobile devices, then it may be the case that the third party app needs to be configured according to the requirements of the company. The problem is that many employees will have difficulty configuring the third party apps the way the company requires, which may involve entering server and/or port addresses. Even for those with competence in this area, there is still the possibility of making typing errors, and there may be some reluctance or procrastination on the part of the employees to actually carry out the configuration.